Introduction to Computer & Networking Security Dr. Guofei Gu

Some Bedtime Stories

Denial of Service

Your YouTube Traffic: Pwned!

Phishing
Spam: 95+% of all traffic on the Internet (200 billion spam messages per day, as of January 2009)
Unique phishing attacks rose 13% (to over 28k!) in for second quarter
hijacked brands
442 unique malicious application variants in May 2008

Malware

More…
“Attack of the tweets: Major Twitter Flaw Exposed” – UK researcher says vulnerability in Twitter API lets an attacker take over a victim’s account – with a tweet. Aug 27, 2009 [Darkreading]
Conficker worm:

Botnet – New Rising Threat

Sea-Change in Internet Attacks
Computers on the Internet used to be mere targets
– For fun and fame
Now they are Resources/Platforms
– For profit
How big is the problem now?

Storm Worm for Comparison
“…the Storm cluster has the equivalent of one to 10 million 2.8 GHz Pentium 4 processors with one to 10 million petabytes worth of RAM.... To put the size of a petabyte into perspective, Google, as of Aug. 2007, uses between 20 and 200 petabytes of disk space, according to Wikipedia.com. In comparison, Gutmann said, BlueGene/L currently contains 128,000 computer processor cores, and has a paltry 32 terabytes of RAM. A terabyte is about 1,000 times smaller than a petabyte.”
Brian Krebs’s Washington Post report ( orm_worm_dwarfs_worlds_top_s_1.html)

What is Storm?
A malware instance, more precisely, a botnet
Using P2P techniques for its C&C channels
Mainly used to send spam
We are lucky because Storm is mainly used for sending spam…

Botnets: Current Single Largest Internet Threat
“Attack of zombie computers is growing threat” (New York Times)
“Why we are losing the botnet battle” (Network World)
“Botnet could eat the internet” (Silicon.com)
“25% of Internet PCs are part of a botnet” (Vint Cerf)

What are Bots/Botnets?
Bot (Zombie)
– Compromised computer controlled by botcode (malware) without owner consent/knowledge
– Professionally written; self-propagating
Botnets (Bot Armies): Networks of bots controlled by criminals
– Definition: “A coordinated group of malware instances that are controlled via C&C channels”.
– Architectures: centralized (e.g., IRC, HTTP), distributed (e.g., P2P)
– Key platform for fraud and other for-profit exploits
[Diagram: bot, C&C, bot-master]

Botnet Epidemic
More than 95% of all spam
All distributed denial of service (DDoS) attacks
Click fraud
Phishing & pharming attacks
Key logging & data/identity theft
Distributing other malware, e.g., spyware
Anonymized terrorist & criminal communication

Number of Bots Are Increasing!
Source: shadowserver.org, 2008

Internet Security: Broken Assumptions
Internet infrastructure (e.g., DNS, BGP) is trustworthy
– DNS is more vulnerable than you think …
Computers are secure when using up-to-date AV tools and firewall
– Not really
Attackers are in it for fun and fame
– Profit, profit, profit!
Attackers have limited/bounded computing power
– They have almost unbounded(?) power
Attacks from isolated computers
– The network is attacking you
Where are we? Any hope to win this game?

Security (Very) Basics

What is Security?
[Informally] Security is the prevention of certain types of intentional actions from occurring
– These potential actions are threats
– Threats that are carried out are attacks
– Intentional attacks are carried out by an attacker
– Objects of attacks are assets

Security: Definition
Security is a state of well-being of information and infrastructures in which the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable.
Security rests on confidentiality, authenticity, integrity, and availability.

Basic Components
Confidentiality is the concealment of information or resources
– Keeping data and resources hidden. Privacy.
Authenticity is the identification and assurance of the origin of information
Integrity refers to the trustworthiness of data or resources in terms of preventing improper and unauthorized changes
– Preventing unauthorized changes to data or resources.
Availability refers to the ability to use the information or resource desired
– Enabling access to data and resources

Security Threats and Attacks
A threat is a potential violation of security
– Flaws in design, implementation, and operation
An attack is any action that violates security
– Active vs. passive attacks

Vulnerabilities (Attack Vectors)
A vulnerability is a systematic artifact that exposes the user, data, or system to a threat
– E.g., buffer-overflow, WEP key leakage
What is the source of a vulnerability?
– Bad software (or hardware)
– Bad design, requirements
– Bad policy/configuration
– System misuse
– Unintended purpose or environment, e.g., student IDs for liquor store

Eavesdropping - Message Interception (Attack on Confidentiality)
Unauthorized access to information
Packet sniffers and wiretappers
Illicit copying of files and programs
[Diagram: A, B, Eavesdropper]

Full Packet Capture (Passive)
Example: OC3Mon
– Rack-mounted PC
– Optical splitter
– Data Acquisition and Generation (DAG) card
Source: endace.com

Eavesdropping Attack: Example
tcpdump with promiscuous network interface
– On a switched network, what can you see?
What might the following traffic types reveal about communications?
– DNS lookups (and replies)
– IP packets without payloads (headers only)
– Payloads
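
To make the questions on this slide concrete, the following added example (not part of the original slides) parses one constructed IPv4/UDP/DNS query and separates what a passive observer learns from the headers alone from what the DNS lookup adds. The addresses, ports and hostname are constructed sample values.

```python
import socket
import struct

IP_FMT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header

def build_sample_packet():
    """Constructed IPv4/UDP/DNS query (sample values, checksums left 0, never sent)."""
    qname = b"".join(bytes([len(p)]) + p for p in b"mail.example.com".split(b".")) + b"\x00"
    dns = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)
    udp = struct.pack("!4H", 53001, 53, 8 + len(dns), 0) + dns
    ip = struct.pack(IP_FMT, 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.53"))
    return ip + udp

def headers_only(pkt):
    """Headers alone: who talks to whom, over which service, and how much."""
    vihl, _, total, _, _, _, proto, _, src, dst = struct.unpack(IP_FMT, pkt[:20])
    ihl = (vihl & 0x0F) * 4
    info = {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "proto": proto, "bytes": total}
    if proto in (6, 17) and len(pkt) >= ihl + 4:  # TCP/UDP ports sit at the same offset
        info["sport"], info["dport"] = struct.unpack("!2H", pkt[ihl:ihl + 4])
    return info

def dns_question(pkt):
    """DNS lookup: the name being resolved. None if the packet is not UDP port 53."""
    ihl = (pkt[0] & 0x0F) * 4
    if pkt[9] != 17 or len(pkt) < ihl + 8 + 12:
        return None
    sport, dport = struct.unpack("!2H", pkt[ihl:ihl + 4])
    if 53 not in (sport, dport):
        return None
    pos, labels = ihl + 8 + 12, []      # skip UDP header and 12-byte DNS header
    while pos < len(pkt) and pkt[pos] != 0:
        n = pkt[pos]
        if n & 0xC0:                    # compression pointer: not handled here
            return None
        labels.append(pkt[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    return ".".join(labels)

if __name__ == "__main__":
    pkt = build_sample_packet()
    print("headers only:", headers_only(pkt))
    print("DNS lookup  :", dns_question(pkt))
```

Even with the payload discarded, the headers identify both endpoints, the service and the volume of traffic; the DNS question adds the name of the host the client is about to contact.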

Integrity Attack - Tampering
Stop the flow of the message
Delay and optionally modify the message
Release the message again
[Diagram: A, B, Perpetrator]

Authenticity Attack - Fabrication
Unauthorized assumption of other’s identity
Generate and distribute objects under this identity
[Diagram: A, B, Masquerader: from A]

Man-In-The-Middle: Example
Passive tapping
– Listen to communication without altering contents.
Active wire tapping
– Modify data being transmitted
– Example: [Diagram: user, intruder, server; labels “fine!”, “X”, “logoff!”]
Intruder takes over identity of user (masquerading)

Attack on Availability
Destroy hardware (cutting fiber) or software
Modify software in a subtle way (alias commands)
Corrupt packets in transit
Blatant denial of service (DoS):
– Crashing the server
– Overwhelming the server (using up its resources)
[Diagram: A, B]

Goals of Security
Prevention
– Prevent attackers from violating security policy
Detection
– Detect attackers’ violation of security policy
Recovery
– Stop attack, assess and repair damage
Survivability
– Continue to function correctly even if attack succeeds

My Overall Research Problems
How to make our computer, network, and Internet more secure?
[Diagram: Prevent, Detect, React/Survive]
Security principles: Defense-in-Depth, layered mechanisms

Want to know more?
Consider taking CSCE 465 “Computer & Network Security” next spring that I’ll teach.
Interested in learning/participating in cyber security research? Talk to me after the class
– Rm 502C HRBB